On Wed, May 29, 2024 at 08:25:18PM +0300, Kuzey Arda Bulut wrote: > Dear Linux Kernel Security Team, > > I have discovered a null-ptr-deref security vulnerability in tty driver in > the Linux kernel. You can find the detailed descriptions of the > vulnerability in report.md. > > If you have any questions or need further information, please do not > hesitate to contact me. As the n_gsm is full of known issues by the developers, and the ldisc is not allowed to be loaded by a non-root user, this isn't all that serious of an issue. See this thread for a list of problems that I think you might have already found here: https://lore.kernel.org/r/DB9PR10MB5881D2170678C169FB42A423E0082@xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx Note, 2 fixes have landed in 6.10-rc2 for this driver, can you verify if these fix the issue you are reporting here? And do you have a proposed fix for this issue? thanks, greg k-h
